def update_candidate(cand_id): ''' Display the index page for interested contributor. ''' candidate = nuancierlib.get_candidate(SESSION, cand_id) # First some security checks if not candidate: flask.flash('No candidate found', 'error') return flask.render_template('msg.html') elif not candidate.election.submission_open: flask.flash( 'The election of this candidate is not open for submission', 'error') return flask.redirect(flask.url_for('elections_list')) elif candidate.approved: flask.flash( 'This candidate was already approved, you cannot update it', 'error') return flask.redirect(flask.url_for('elections_list')) elif candidate.candidate_submitter != flask.g.fas_user.username: flask.flash( 'You are not the person that submitted this candidate, you may ' 'not update it', 'error') return flask.redirect(flask.url_for('elections_list')) form = nuancier.forms.AddCandidateForm(obj=candidate) if form.validate_on_submit(): candidate_file = flask.request.files['candidate_file'] try: validate_input_file(candidate_file) except nuancierlib.NuancierException as err: LOG.debug( 'ERROR: Uploaded file is invalid - user: "******" ' 'election: "%s"', flask.g.fas_user.username, candidate.election.id) LOG.exception(err) flask.flash('%s' % err, 'error') return flask.render_template('update_contribution.html', candidate=candidate, form=form) filename = secure_filename( '%s-%s' % (flask.g.fas_user.username, candidate_file.filename)) # Only save the file once everything has been safely saved in the DB upload_folder = os.path.join(APP.config['PICTURE_FOLDER'], candidate.election.election_folder) if not os.path.exists(upload_folder): # pragma: no cover try: os.mkdir(upload_folder) except OSError as err: LOG.debug('ERROR: cannot add candidate file') LOG.exception(err) flask.flash( 'An error occured while writing the file, please ' 'contact an administrator', 'error') return flask.render_template('update_contribution.html', candidate=candidate, form=form) # Update the candidate form.populate_obj(obj=candidate) candidate.candidate_file = filename candidate.approved = False candidate.approved_motif = None SESSION.add(candidate) # The PIL module has already read the stream so we need to back up candidate_file.seek(0) candidate_file.save(os.path.join(upload_folder, filename)) try: SESSION.commit() except SQLAlchemyError as err: # pragma: no cover LOG.debug(err) SESSION.rollback() # Remove file from the system if the db commit failed os.unlink(os.path.join(upload_folder, filename)) LOG.debug( 'ERROR: cannot add candidate - user: "******" ' 'election: "%s"', flask.g.fas_user.username, candidate.election.id) LOG.exception(err) flask.flash( 'Someone has already upload a file with the same file name' ' for this election', 'error') return flask.render_template('update_contribution.html', candidate=candidate, form=form) flask.flash('Thanks for updating your submission') return flask.redirect(flask.url_for('index')) return flask.render_template('update_contribution.html', candidate=candidate, form=form)
def admin_process_review(election_id): ''' Process the reviewing of a new election. ''' if not nuancier.is_nuancier_admin(flask.g.fas_user): flask.flash('You are not an administrator of nuancier', 'error') return flask.redirect(flask.url_for('msg')) status = flask.request.args.get('status', None) endpoint = 'admin_review' if status: endpoint = 'admin_review_status' election = nuancierlib.get_election(SESSION, election_id) form = nuancier.forms.ConfirmationForm() if not form.validate_on_submit(): flask.flash('Wrong input submitted', 'error') return flask.render_template('msg.html') if not election: flask.flash('No election found', 'error') return flask.render_template('msg.html') if election.election_open: flask.flash( 'This election is already open to public votes and can no ' 'longer be changed', 'error') return flask.redirect(flask.url_for('results_list')) if election.election_public: flask.flash( 'The results of this election are already public, this election' ' can no longer be changed', 'error') return flask.redirect(flask.url_for('results_list')) candidates = nuancierlib.get_candidates(SESSION, election_id) candidates_id = [str(candidate.id) for candidate in candidates] candidates_selected = flask.request.form.getlist('candidates_id') motifs = flask.request.form.getlist('motifs') action = flask.request.form.get('action') if action: action = action.strip() if action not in ['Approved', 'Denied']: flask.flash( 'Only the actions "Approved" or "Denied" are accepted', 'error') return flask.redirect(flask.url_for( endpoint, election_id=election_id, status=status)) selections = [] for cand in candidates_id: if cand not in candidates_selected: selections.append(None) else: selections.append(cand) if action == 'Denied': req_motif = False if not motifs: req_motif = True for cnt in range(len(motifs)): motif = motifs[cnt] if selections[cnt] and not motif.strip(): req_motif = True break if req_motif: flask.flash( 'You must provide a motif to deny a candidate', 'error') return flask.redirect(flask.url_for( endpoint, election_id=election_id, status=status)) cnt = 0 for candidate in candidates_selected: if candidate not in candidates_id: flask.flash( 'One of the candidate submitted was not candidate in this ' 'election', 'error') return flask.redirect(flask.url_for( endpoint, election_id=election_id, status=status)) msgs = [] for candidate in selections: if candidate: candidate = nuancierlib.get_candidate(SESSION, candidate) motif = None if len(motifs) > cnt: motif = motifs[cnt].strip() if action == 'Approved': candidate.approved = True candidate.approved_motif = motif else: candidate.approved = False candidate.approved_motif = motif if APP.config.get( 'NUANCIER_EMAIL_NOTIFICATIONS', False): # pragma: no cover nuancierlib.notifications.email_publish( to_email=candidate.submitter_email, img_title=candidate.candidate_name, motif=motif) else: LOG.warning( 'Should have sent an email to "%s" about "%s" that has' ' been rejected because of "%s"', candidate.submitter_email, candidate.candidate_name, motif) SESSION.add(candidate) msgs.append({ 'topic': 'candidate.%s' % (action.lower()), 'msg': dict( agent=flask.g.fas_user.username, election=election.api_repr(version=1), candidate=candidate.api_repr(version=1), ) }) cnt += 1 try: SESSION.commit() except SQLAlchemyError as err: # pragma: no cover SESSION.rollback() LOG.debug('User: "******" could not approve/deny candidate(s) for ' 'election "%s"', flask.g.fas_user.username, election_id) LOG.exception(err) flask.flash('Could not approve/deny candidate', 'error') flask.flash('Candidate(s) updated') for msg in msgs: nuancierlib.notifications.publish( topic=msg['topic'], msg=msg['msg'], ) return flask.redirect(flask.url_for( endpoint, election_id=election_id, status=status))
def update_candidate(cand_id): ''' Display the index page for interested contributor. ''' candidate = nuancierlib.get_candidate(SESSION, cand_id) # First some security checks if not candidate: flask.flash('No candidate found', 'error') return flask.render_template('msg.html') elif not candidate.election.submission_open: flask.flash( 'The election of this candidate is not open for submission', 'error') return flask.redirect(flask.url_for('elections_list')) elif candidate.approved: flask.flash( 'This candidate was already approved, you cannot update it', 'error') return flask.redirect(flask.url_for('elections_list')) elif candidate.candidate_submitter != flask.g.fas_user.username: flask.flash( 'You are not the person that submitted this candidate, you may ' 'not update it', 'error') return flask.redirect(flask.url_for('elections_list')) form = nuancier.forms.AddCandidateForm(obj=candidate) if form.validate_on_submit(): candidate_file = flask.request.files['candidate_file'] try: validate_input_file(candidate_file) except nuancierlib.NuancierException as err: LOG.debug('ERROR: Uploaded file is invalid - user: "******" ' 'election: "%s"', flask.g.fas_user.username, candidate.election.id) LOG.exception(err) flask.flash(err.message, 'error') return flask.render_template( 'update_contribution.html', candidate=candidate, form=form) filename = secure_filename('%s-%s' % (flask.g.fas_user.username, candidate_file.filename)) # Only save the file once everything has been safely saved in the DB upload_folder = os.path.join( APP.config['PICTURE_FOLDER'], candidate.election.election_folder) if not os.path.exists(upload_folder): # pragma: no cover try: os.mkdir(upload_folder) except OSError, err: LOG.debug('ERROR: cannot add candidate file') LOG.exception(err) flask.flash( 'An error occured while writing the file, please ' 'contact an administrator', 'error') return flask.render_template( 'update_contribution.html', candidate=candidate, form=form) # Update the candidate form.populate_obj(obj=candidate) candidate.candidate_file = filename candidate.approved = False candidate.approved_motif = None SESSION.add(candidate) # The PIL module has already read the stream so we need to back up candidate_file.seek(0) candidate_file.save( os.path.join(upload_folder, filename)) try: SESSION.commit() except SQLAlchemyError as err: # pragma: no cover LOG.debug(err) SESSION.rollback() # Remove file from the system if the db commit failed os.unlink(os.path.join(upload_folder, filename)) LOG.debug('ERROR: cannot add candidate - user: "******" ' 'election: "%s"', flask.g.fas_user.username, candidate.election.id) LOG.exception(err) flask.flash( 'Someone has already upload a file with the same file name' ' for this election', 'error') return flask.render_template( 'update_contribution.html', candidate=candidate, form=form) flask.flash('Thanks for updating your submission') return flask.redirect(flask.url_for('index'))
def admin_process_review(election_id): ''' Process the reviewing of a new election. ''' if not nuancier.is_nuancier_admin(flask.g.fas_user): flask.flash('You are not an administrator of nuancier', 'error') return flask.redirect(flask.url_for('msg')) status = flask.request.args.get('status', None) endpoint = 'admin_review' if status: endpoint = 'admin_review_status' election = nuancierlib.get_election(SESSION, election_id) form = nuancier.forms.ConfirmationForm() if not form.validate_on_submit(): flask.flash('Wrong input submitted', 'error') return flask.render_template('msg.html') if not election: flask.flash('No election found', 'error') return flask.render_template('msg.html') if election.election_open: flask.flash( 'This election is already open to public votes and can no ' 'longer be changed', 'error') return flask.redirect(flask.url_for('results_list')) if election.election_public: flask.flash( 'The results of this election are already public, this election' ' can no longer be changed', 'error') return flask.redirect(flask.url_for('results_list')) candidates = nuancierlib.get_candidates(SESSION, election_id) candidates_id = [str(candidate.id) for candidate in candidates] candidates_selected = flask.request.form.getlist('candidates_id') motifs = flask.request.form.getlist('motifs') action = flask.request.form.get('action') if action: action = action.strip() if action not in ['Approved', 'Denied']: flask.flash('Only the actions "Approved" or "Denied" are accepted', 'error') return flask.redirect( flask.url_for(endpoint, election_id=election_id, status=status)) selections = [] for cand in candidates_id: if cand not in candidates_selected: selections.append(None) else: selections.append(cand) if action == 'Denied': req_motif = False if not motifs: req_motif = True for cnt in range(len(motifs)): motif = motifs[cnt] if selections[cnt] and not motif.strip(): req_motif = True break if req_motif: flask.flash('You must provide a reason to deny a candidate', 'error') return flask.redirect( flask.url_for(endpoint, election_id=election_id, status=status)) cnt = 0 for candidate in candidates_selected: if candidate not in candidates_id: flask.flash( 'One of the candidate submitted was not candidate in this ' 'election', 'error') return flask.redirect( flask.url_for(endpoint, election_id=election_id, status=status)) msgs = [] for candidate in selections: if candidate: candidate = nuancierlib.get_candidate(SESSION, candidate) motif = None if len(motifs) > cnt: motif = motifs[cnt].strip() if action == 'Approved': candidate.approved = True candidate.approved_motif = motif else: candidate.approved = False candidate.approved_motif = motif if APP.config.get('NUANCIER_EMAIL_NOTIFICATIONS', False): # pragma: no cover nuancierlib.notifications.email_publish( to_email=candidate.submitter_email, img_title=candidate.candidate_name, motif=motif) else: LOG.warning( 'Should have sent an email to "%s" about "%s" that has' ' been rejected because of "%s"', candidate.submitter_email, candidate.candidate_name, motif) SESSION.add(candidate) msgs.append({ 'topic': 'candidate.%s' % (action.lower()), 'msg': dict( agent=flask.g.fas_user.username, election=election.api_repr(version=1), candidate=candidate.api_repr(version=1), ) }) cnt += 1 try: SESSION.commit() except SQLAlchemyError as err: # pragma: no cover SESSION.rollback() LOG.debug( 'User: "******" could not approve/deny candidate(s) for ' 'election "%s"', flask.g.fas_user.username, election_id) LOG.exception(err) flask.flash('Could not approve/deny candidate', 'error') flask.flash('Candidate(s) updated') for msg in msgs: nuancierlib.notifications.publish( topic=msg['topic'], msg=msg['msg'], ) return flask.redirect( flask.url_for(endpoint, election_id=election_id, status=status))